﻿using Microsoft.AspNetCore.Mvc;
using System.Web;

namespace Step4.Unit9.Controllers
{
    public class XSSController : Controller
    {
        private readonly ILogger<XSSController> _logger;

        public XSSController(ILogger<XSSController> logger)
        {
            this._logger = logger;
        }

        public IActionResult Index()
        {
            return View();
        }

        public IActionResult Submit(string input) 
        {
           var encoded= HttpUtility.HtmlEncode(input);  // 如果要将用户输入的内容存储，并且后续展示在页面，需要对输入内容进行HTML编码
            _logger.LogInformation(encoded);
            return Ok();
        }
    }
}
